Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-11-2020
Ran by Snowie (administrator) on JUNO (Hewlett-Packard HP ProBook 4545s) (19-11-2020 22:00:47)
Running from C:\Users\Snowie\Desktop
Loaded Profiles: Snowie
Platform: Windows 8.1 Pro (Update) (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(ATI Technologies Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Byte Technologies LLC -> Byte Technologies LLC) C:\Program Files\ByteFence\ByteFence.exe
(Byte Technologies LLC -> Byte Technologies LLC) C:\Program Files\ByteFence\ByteFenceService.exe
(Byte Technologies LLC -> Byte Technologies LLC.) C:\Program Files\ByteFence\rtop\bin\rtop_bg.exe
(Byte Technologies LLC -> Byte Technologies LLC.) C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\CyberLink\Shared files\PDStyleAgent\PDStyleAgent.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.32\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.32\GoogleCrashHandler64.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe <2>
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TMRG, Inc. -> TMRG, Inc.) C:\Program Files (x86)\RelevantKnowledge\rlservice.exe
(TMRG, Inc. -> TMRG, Inc.) C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe
(TMRG, Inc. -> TMRG, Inc.) C:\Program Files (x86)\RelevantKnowledge\rlvknlg32.exe
(TMRG, Inc. -> TMRG, Inc.) C:\Program Files (x86)\RelevantKnowledge\rlvknlg64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1069296 2018-03-27] (Seznam.cz, a.s. -> )
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3189503593-2876448154-3088679205-1001\...\Run: [cz.seznam.software.autoupdate] => "C:\Users\Snowie\AppData\Roaming\Seznam.cz\szninstall.exe" -c
HKU\S-1-5-21-3189503593-2876448154-3088679205-1001\...\Run: [cz.seznam.software.szndesktop] => "C:\Users\Snowie\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe"  -q
HKU\S-1-5-21-3189503593-2876448154-3088679205-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33102224 2020-11-05] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3189503593-2876448154-3088679205-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [53646904 2019-07-18] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-3189503593-2876448154-3088679205-1001\...\Run: [Chromium] => "c:\users\snowie\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
HKU\S-1-5-21-3189503593-2876448154-3088679205-1001\...\MountPoints2: {718eb70d-dd56-11e9-834f-b4b52f72c84f} - "D:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-3189503593-2876448154-3088679205-1001\...\MountPoints2: {7cd81b36-79f9-11e8-828f-b4b52f72c84f} - "D:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-3189503593-2876448154-3088679205-1001\...\MountPoints2: {faee2a17-69e8-11e9-831a-b4b52f72c84f} - "D:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-3189503593-2876448154-3088679205-1001\...\MountPoints2: {faee2ada-69e8-11e9-831a-b4b52f72c84f} - "G:\HiSuiteDownLoader.exe" 
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> 
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.66\Installer\chrmstp.exe [2020-11-18] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1009FC54-3B0F-40FE-9E14-13A7F7B84851} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2833504 2017-08-26] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {552520B2-E429-4867-9F95-26E33D6283D3} - System32\Tasks\ByteFence => C:\Program Files\ByteFence\ByteFence.exe [3938784 2020-02-11] (Byte Technologies LLC -> Byte Technologies LLC) <==== ATTENTION
Task: {5DAC5A8F-4485-47E3-B9B3-52AF39A04CDA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-03-02] (Google Inc -> Google Inc.)
Task: {6726BBB7-CA59-46DE-99B7-1BF8CC7B8610} - System32\Tasks\bookingDesktopAppUpdateTaskMachineUA => C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2020-02-19] (bookingDesktopApp.) [File not signed]
Task: {B2AE5251-7B82-4458-9B61-B7E2B27AE414} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-03-02] (Google Inc -> Google Inc.)
Task: {F3EACFF2-52D1-4B57-A207-C829718D8470} - System32\Tasks\bookingDesktopAppUpdateTaskMachineCore => C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2020-02-19] (bookingDesktopApp.) [File not signed]
Task: {F54E768A-D339-4F40-AC20-E3C80B5E04DD} - System32\Tasks\PowerDirectorStyleAgent => C:\Program Files (x86)\CyberLink\Shared files\PDStyleAgent\PDStyleAgent.exe [100536 2019-06-19] (CyberLink Corp. -> CyberLink Corp.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{032DFF6E-3081-402E-A52A-B8674FABE9A8}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5D10F04F-0361-46F7-8C49-661B4E9C0926}: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin-x32: @bookingdesktopapp.com/bookingDesktopApp Update;version=3 -> C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\npbookingDesktopAppUpdate3.dll [2020-02-19] (bookingDesktopApp.) [File not signed]
FF Plugin-x32: @bookingdesktopapp.com/bookingDesktopApp Update;version=9 -> C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\npbookingDesktopAppUpdate3.dll [2020-02-19] (bookingDesktopApp.) [File not signed]
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-09] (Google Inc -> Google, Inc.)

Chrome: 
=======
CHR Profile: C:\Users\Snowie\AppData\Local\Google\Chrome\User Data\Default [2020-11-19]
CHR Notifications: Default -> hxxps://mail.google.com; hxxps://panel.marketagent.com; hxxps://prokliky.cz
CHR HomePage: Default -> hxxp://google.sk/
CHR StartupUrls: Default -> "hxxp://www.facebook.com/","hxxp://www.youtube.com/","hxxp://www.google.sk/","hxxps://www.facebook.com/","hxxps://www.google.sk/","hxxp://www.oursurfing.com/?type=hp&ts=1438250217&z=e8b7c9395940a0b966f0cd2g2z8cfbdoewbeeocg2b&from=amt&uid=ST750LM022XHN-M750MBB_S2SUJ9BC916972"
CHR DefaultSearchURL: Default -> hxxp://securedserch.com/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> sse
CHR DefaultSuggestURL: Default -> hxxp://securedsearch.xyz/?s={searchTerms}
CHR Session Restore: Default -> is enabled.
CHR Extension: (Prezentácie) - C:\Users\Snowie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-03-02]
CHR Extension: (Dokumenty) - C:\Users\Snowie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-03-02]
CHR Extension: (Disk Google) - C:\Users\Snowie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-29]
CHR Extension: (ByteFence Secure Browsing) - C:\Users\Snowie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blngdeeenccpfjbkolalandfmiinhkak [2020-04-03]
CHR Extension: (YouTube) - C:\Users\Snowie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-03-02]
CHR Extension: (Tampermonkey) - C:\Users\Snowie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2020-10-04]
CHR Extension: (Tema ViSta-se) - C:\Users\Snowie\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcedicadmjnlpkcccoacdkljflgeejfj [2020-10-04]
CHR Extension: (Tabuľky) - C:\Users\Snowie\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-03-02]
CHR Extension: (Word Online) - C:\Users\Snowie\AppData\Local\Google\Chrome\User Data\Default\Extensions\fiombgjlkfpdpkbhfioofeeinbehmajg [2019-08-05]
CHR Extension: (Animal Crossing live background) - C:\Users\Snowie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfocmiihofighegjlbmdklopoboedema [2020-10-04]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Snowie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-18]
CHR Extension: (AdBlock - najlepší blokovač reklám) - C:\Users\Snowie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-11-19]
CHR Extension: (Office) - C:\Users\Snowie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndjpnladcallmjemlbaebfadecfhkepb [2020-10-29]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Snowie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-08]
CHR Extension: (Gmail) - C:\Users\Snowie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-29]
CHR Extension: (Chrome Media Router) - C:\Users\Snowie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-11-19]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-07-04] (Advanced Micro Devices, Inc.) [File not signed]
S2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [996928 2020-02-19] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
S3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [6133752 2020-02-19] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
S2 bookingdesktopapp; C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2020-02-19] (bookingDesktopApp.) [File not signed]
S3 bookingdesktopappm; C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2020-02-19] (bookingDesktopApp.) [File not signed]
R2 ByteFenceService; C:\Program Files\ByteFence\ByteFenceService.exe [162272 2020-02-11] (Byte Technologies LLC -> Byte Technologies LLC) <==== ATTENTION
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2018-10-22] (Huawei Technologies Co., Ltd. -> ) [File not signed]
R2 RelevantKnowledge; C:\Program Files (x86)\RelevantKnowledge\rlservice.exe [170352 2020-04-10] (TMRG, Inc. -> TMRG, Inc.) <==== ATTENTION
U2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [628920 2019-06-19] (CyberLink Corp. -> CyberLink)
R2 rtop; c:\program files\bytefence\rtop\bin\rtop_svc.exe [297288 2020-02-19] (Byte Technologies LLC -> Byte Technologies LLC.) <==== ATTENTION
S3 SstpSvc; C:\Windows\system32\sstpsvc.dll [142848 2014-11-21] (Microsoft Corporation) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-20] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R0 avgArDisk; C:\Windows\System32\drivers\avgArDisk.sys [37880 2020-02-19] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\Windows\System32\drivers\avgArPot.sys [205600 2020-02-19] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\Windows\System32\drivers\avgbidsdriver.sys [275232 2020-02-19] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\Windows\System32\drivers\avgbidsh.sys [210328 2020-02-19] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\Windows\System32\drivers\avgbuniv.sys [65376 2020-02-19] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\Windows\System32\drivers\avgKbd.sys [43512 2020-02-19] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\Windows\System32\drivers\avgMonFlt.sys [171784 2020-02-19] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\Windows\System32\drivers\avgRdr2.sys [111096 2020-02-19] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\Windows\System32\drivers\avgRvrt.sys [84560 2020-02-19] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\Windows\System32\drivers\avgSnx.sys [855472 2020-02-19] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\Windows\System32\drivers\avgSP.sys [464352 2020-02-19] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\Windows\System32\drivers\avgStm.sys [236288 2020-02-19] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\Windows\System32\drivers\avgVmm.sys [317304 2020-02-19] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
S3 ew_usbccgpfilter; C:\Windows\System32\drivers\ew_usbccgpfilter.sys [18944 2018-10-22] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2018-10-22] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204424 2013-12-02] (Mediatek Inc. -> Ralink Technology, Corp.)
S3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [700128 2015-06-16] (Sunplus Innovation Technology Inc. -> Sunplus)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166760 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (NGO -> MBB)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\Windows\system32\DRIVERS\WirelessButtonDriver64.sys [31840 2016-03-23] (Hewlett-Packard Company -> HP)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-11-19 21:44 - 2020-11-19 22:12 - 000017351 _____ C:\Users\Snowie\Desktop\FRST.txt
2020-11-19 21:44 - 2020-11-19 22:01 - 000000000 ____D C:\FRST
2020-11-19 21:43 - 2020-11-19 21:43 - 002294784 _____ (Farbar) C:\Users\Snowie\Desktop\FRST64.exe
2020-11-19 21:37 - 2020-11-19 21:37 - 000000753 _____ C:\Users\Snowie\Desktop\Dokumenty disk E - Shortcut.lnk
2020-11-14 21:18 - 2020-11-14 21:18 - 000000000 ____D C:\Program Files (x86)\HP Universal Camera Driver
2020-11-08 12:24 - 2020-11-08 12:24 - 000000000 _____ C:\Users\Snowie\AppData\Local\BIT8288.tmp

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-11-19 22:10 - 2020-02-19 23:02 - 000000000 ____D C:\Program Files\ByteFence
2020-11-19 21:59 - 2018-03-02 16:38 - 000000000 ____D C:\Users\Snowie
2020-11-19 21:59 - 2013-08-22 15:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-11-19 21:42 - 2020-02-19 23:04 - 000000000 ____D C:\Program Files (x86)\RelevantKnowledge
2020-11-19 19:11 - 2018-03-02 18:22 - 000003914 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{6E7A7601-15A5-4ED2-A5CC-91DB0978D762}
2020-11-19 13:09 - 2013-08-22 16:20 - 000000000 ____D C:\Windows\CbsTemp
2020-11-18 17:37 - 2018-03-02 16:44 - 000003600 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3189503593-2876448154-3088679205-1001
2020-11-18 00:03 - 2018-03-02 23:24 - 000002262 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-11-18 00:03 - 2018-03-02 23:24 - 000002221 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-11-15 02:55 - 2013-08-22 14:36 - 000000000 ____D C:\Windows\Inf
2020-11-14 21:08 - 2019-05-26 22:48 - 000000000 ____D C:\Program Files (x86)\Drakensang Online
2020-11-13 20:10 - 2018-03-06 15:10 - 000000000 ____D C:\Windows\system32\MRT
2020-11-13 19:56 - 2018-03-02 16:34 - 133736600 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2020-11-04 19:18 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\AppReadiness

==================== Files in the root of some directories ========

2020-04-03 00:18 - 2020-05-01 18:40 - 000000038 _____ () C:\Users\Snowie\AppData\Roaming\WB.CFG
2020-11-08 12:24 - 2020-11-08 12:24 - 000000000 _____ () C:\Users\Snowie\AppData\Local\BIT8288.tmp
2018-04-24 18:58 - 2020-08-20 17:20 - 000006144 _____ () C:\Users\Snowie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-06-18 22:03 - 2019-06-18 22:03 - 000000000 _____ () C:\Users\Snowie\AppData\Local\{0BFDB5FA-30B8-4023-BED3-05834DD9E23B}
2019-06-18 22:03 - 2019-06-18 22:03 - 000000000 _____ () C:\Users\Snowie\AppData\Local\{5F3DC63F-4892-4EF1-B201-2BAFC2EEC8E5}

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2020-11-13 19:27
==================== End of FRST.txt ========================